Lucene search

Veracode Vulnerability DatabaseVERACODE:23631

HistoryApr 10, 2020 - 12:32 a.m.

Arbitrary Code Execution

2020-04-1000:32:09

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.235 Low

EPSS

Percentile

96.6%

JSON

poppler is vulnerable to arbitrary code execution. The vulnerability exists as an attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code when opened.

CPENameOperatorVersion
popplereq0.5.4__4.el5
popplereq0.5.4__4.1.el5
popplereq0.5.4__4.3.el5_1
xpdfeq3.00__20.el4
xpdfeq3.00__16.el4
xpdfeq3.00__14.el4
kdegraphicseq3.3.1__13.el4
kdegraphicseq3.3.1__10.el4
kdegraphicseq3.5.4__8.el5
kdegraphicseq3.5.4__13.el5_3

Name	Operator	Version
poppler	eq	0.5.4__4.el5
poppler	eq	0.5.4__4.1.el5
poppler	eq	0.5.4__4.3.el5_1
xpdf	eq	3.00__20.el4
xpdf	eq	3.00__16.el4
xpdf	eq	3.00__14.el4
kdegraphics	eq	3.3.1__13.el4
kdegraphics	eq	3.3.1__10.el4
kdegraphics	eq	3.5.4__8.el5
kdegraphics	eq	3.5.4__13.el5_3

Rows per page:

1-10 of 321

References

bugs.gentoo.org/show_bug.cgi?id=263028#c16

lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html

lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html

lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html

poppler.freedesktop.org/releases.html

secunia.com/advisories/34746

secunia.com/advisories/35064

secunia.com/advisories/35618

secunia.com/advisories/37028

secunia.com/advisories/37037

secunia.com/advisories/37043

secunia.com/advisories/37053

secunia.com/advisories/37077

secunia.com/advisories/37079

secunia.com/advisories/39327

secunia.com/advisories/39938

wiki.rpath.com/Advisories:rPSA-2009-0059

www.debian.org/security/2010/dsa-2028

www.debian.org/security/2010/dsa-2050

www.kb.cert.org/vuls/id/196617

www.mandriva.com/security/advisories?name=MDVSA-2010:087

www.mandriva.com/security/advisories?name=MDVSA-2011:175

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2009-0480.html

www.securityfocus.com/archive/1/502761/100/0/threaded

www.securityfocus.com/bid/34568

www.vupen.com/english/advisories/2009/1076

www.vupen.com/english/advisories/2009/2928

www.vupen.com/english/advisories/2010/0802

www.vupen.com/english/advisories/2010/1040

www.vupen.com/english/advisories/2010/1220

access.redhat.com/errata/RHSA-2009:0480

access.redhat.com/errata/RHSA-2009:1501

access.redhat.com/errata/RHSA-2009:1502

access.redhat.com/errata/RHSA-2009:1503

access.redhat.com/errata/RHSA-2009:1512

access.redhat.com/security/cve/CVE-2009-1188

bugs.launchpad.net/ubuntu/+source/poppler/+bug/361875

bugzilla.redhat.com/show_bug.cgi?id=495907

bugzilla.redhat.com/show_bug.cgi?id=526915

exchange.xforce.ibmcloud.com/vulnerabilities/50185

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9957

rhn.redhat.com/errata/RHSA-2009-1501.html

rhn.redhat.com/errata/RHSA-2009-1502.html

rhn.redhat.com/errata/RHSA-2009-1503.html

rhn.redhat.com/errata/RHSA-2009-1512.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html

0.235 Low

EPSS

Percentile

96.6%

JSON

Related for VERACODE:23631